Security Analyst

HYBRID - 2 DAYS/WEEK - RESTON, VA

Job Description Security Analyst This role will join the Incident Response team who monitors and investigates suspicious activity directed at the company's information technology and engineering assets. This team is primarily focused on the monitoring of advanced cyber threats, discovering exploitation attempts, and the investigation of global security incidents. The team also supports insider threat investigations and participates in industry information sharing initiatives.

Responsibilities:

Search through network, system, and log data to identify undetected threats Evaluate threat intelligence (e.g., actors, hack tools, exploits, malware, etc.) and determine Threat Actor TTPs (techniques, tactics, and procedures) Analyze events/data feeds for event detection, correlation from monitoring solutions, triage and classify the output using automated systems for further investigation Translate analytical findings into security use cases that can be communicated to the security engineering team for purposes of improving detection capability Identify training opportunities for the larger Information Security team in advanced analysis, IR techniques, and threat intelligence Execute processes within all phases of the Incident Response lifecycle Coordinate response, triage and recovery activities for security events affecting the information assets Support documentation improvement/development activities for process/procedure manuals related to incident response, threat intelligence, advanced persistent threat detection, and vulnerability analysis Utilize and Expand communication channels with technology owners and the business to evangelize the evolving threat landscape Act as a mentor to junior team members and Security Operations Center analysts

Required Qualifications:

Bachelor's degree in engineering, Computers Science, OR related field or equivalent work experience 4+ years overall industry experience with minimum 2 years served in a security function Some experience in the following areas - EDR, IDS/IPS, Firewall, SIEM, Understand event correlation techniques, especially as it relates to operating within a SIEM Experience with common operating systems, such as Linux/Windows/Mac/IOS, both from a forensic and threat hunting point of view Use correlation and log aggregation tools such as Splunk Recognize common attack vectors such as recon scans, botnet, malware, command and control activity (C2), worms, trojans, lateral movement, and viruses Communicate effectively with peers and other technologists in the organization Excellent written and oral communication skills Self-motivated, effectively prioritize tasks, and solve complex problems

Preferred:

Certifications:

GIAC Certified Forensic Analyst (GCFA), GIAC Certified Forensic Examiner (GCFE), GIAC Certified Intrusion Analyst (GCIA), CISSP Experience with the writing use cases to identify insider threat activity Ability to write and or update scripts to help automate routine issues Ability to communicate effectively with senior leadership of the organization Dexian stands at the forefront of Talent + Technology solutions with a presence spanning more than 70 locations worldwide and a team exceeding 10,000 professionals. As one of the largest technology and professional staffing companies and one of the largest minority-owned staffing companies in the United States, Dexian combines over 30 years of industry expertise with cutting-edge technologies to deliver comprehensive global services and support. Dexian connects the right talent and the right technology with the right organizations to deliver trajectory-changing results that help everyone achieve their ambitions and goals. To learn more, please visit https://dexian.com/ . Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.